Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
File: 1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa (raw, json)
Hash identifier: VetSn+IOq/RCb/fKL7AWg2moSryjvWOhKIXYt+Sv8KI=
Subject key identifier: 47:4E:04:0D:5D:08:63:5D:D6:A1:60:6A:80:45:6C:ED:80:B3:A6:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 745B4A6BFF46E3FAD98EE86EA5B1107F5A929915
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
Signing time: Mon 01 Sep 2025 21:20:18 +0000
ROA not before: Mon 01 Sep 2025 21:20:18 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01d:800::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:5b:4a:6b:ff:46:e3:fa:d9:8e:e8:6e:a5:b1:10:7f:5a:92:99:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 21:20:18 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=1f5ab2b55924323b86e93d20a11289e2246af6aabdb7c8675c52ac42b802e75a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:94:2f:ba:42:51:ef:dc:3b:fc:5a:5b:42:fb:
23:f5:ec:bd:b9:8c:65:4e:2d:b5:a8:13:49:dc:fc:
29:d3:ba:52:52:01:8e:2d:a8:a5:2e:0b:b3:7f:29:
b1:8d:ca:62:fc:e2:56:b0:62:e7:75:21:87:3d:0f:
aa:63:96:1a:f8:11:1b:25:cc:a4:6a:d7:db:f1:e0:
1d:36:58:7d:38:49:26:d6:6b:00:ef:cf:19:9a:41:
93:0c:a2:4a:ba:22:f4:44:5d:84:8d:4d:67:db:82:
9e:3a:d8:50:87:66:3a:a9:d1:d3:5b:f7:61:46:34:
45:ef:d8:15:2a:d3:5c:92:02:13:59:1d:8c:a3:09:
0f:c0:e6:6c:34:10:18:2c:0e:a4:5c:ab:46:71:9b:
2a:85:38:96:0c:8f:90:e3:99:7e:a4:bf:0b:75:2e:
1e:f8:54:79:73:af:a9:fc:fc:8f:2f:5a:dd:92:8c:
50:96:ff:8f:60:6f:b6:25:eb:e0:46:47:b5:96:db:
28:ad:cb:05:da:94:ca:4d:e4:92:e2:47:f0:6e:a1:
4d:9c:db:30:13:19:4c:86:3d:50:26:95:58:b0:71:
b1:d5:50:b3:9b:86:50:4e:b6:f8:33:9a:4d:6e:8c:
be:e0:c2:37:76:e8:a9:67:6d:5a:85:66:42:58:5d:
ed:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:4E:04:0D:5D:08:63:5D:D6:A1:60:6A:80:45:6C:ED:80:B3:A6:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1d480b6d-25fc-4f37-b125-f45ce236f4ea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01d:800::/37
Signature Algorithm: sha256WithRSAEncryption
0a:81:99:60:5a:b8:51:68:2c:f2:d7:9b:a9:e7:66:9b:62:e8:
40:6a:34:b8:95:bd:49:27:a8:9f:bb:11:88:c6:30:2c:95:3a:
a3:93:d8:27:77:c8:66:90:ef:bc:5f:53:84:59:76:0b:99:76:
1a:f9:0f:a4:58:6e:4f:c2:6e:4a:62:2c:77:31:f5:69:e6:52:
d4:84:1e:eb:26:51:21:b8:a5:9b:b9:22:2a:03:6d:a4:68:11:
be:ab:29:9e:58:43:75:ab:e1:a2:d6:6c:3e:04:cf:d5:23:1d:
21:eb:55:1c:f5:61:21:1d:01:55:d9:39:ad:75:89:63:89:5d:
16:54:ff:8e:77:ea:fe:ec:a5:74:20:64:da:e6:bc:67:68:86:
ee:1a:95:a5:6d:b0:b4:33:0d:fc:d0:d2:1f:25:b2:f0:81:3f:
4b:20:9f:f4:04:7b:a4:be:09:aa:87:c2:91:b9:4f:54:f7:4d:
58:58:e3:4d:e4:bb:5f:b3:e1:81:d0:d0:c1:07:3d:00:aa:6f:
cc:56:af:dd:0e:08:56:f9:9a:12:11:73:f2:1e:dc:fd:0a:16:
07:5e:50:4b:7b:77:fb:47:ef:41:34:65:d6:e7:e1:a6:87:d9:
8b:4d:87:8e:43:e4:63:96:e3:88:ed:f4:af:99:9f:b5:b2:10:
cf:fa:9d:6e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdFtKa/9G4/rZjuhupbEQf1qSmRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMTIwMThaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmNWFiMmI1NTkyNDMyM2I4NmU5M2QyMGExMTI4OWUyMjQ2YWY2YWFiZGI3
Yzg2NzVjNTJhYzQyYjgwMmU3NWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiUL7pCUe/cO/xaW0L7I/XsvbmMZU4ttagTSdz8KdO6UlIBji2opS4Ls38p
sY3KYvziVrBi53Uhhz0PqmOWGvgRGyXMpGrX2/HgHTZYfThJJtZrAO/PGZpBkwyi
Sroi9ERdhI1NZ9uCnjrYUIdmOqnR01v3YUY0Re/YFSrTXJICE1kdjKMJD8DmbDQQ
GCwOpFyrRnGbKoU4lgyPkOOZfqS/C3UuHvhUeXOvqfz8jy9a3ZKMUJb/j2BvtiXr
4EZHtZbbKK3LBdqUyk3kkuJH8G6hTZzbMBMZTIY9UCaVWLBxsdVQs5uGUE62+DOa
TW6MvuDCN3boqWdtWoVmQlhd7SsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRHTgQN
XQhjXdahYGqARWztgLOmFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWQ0ODBiNmQtMjVmYy00ZjM3LWIxMjUtZjQ1Y2UyMzZmNGVhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAyoF0B0I
MA0GCSqGSIb3DQEBCwUAA4IBAQAKgZlgWrhRaCzy15up52abYuhAajS4lb1JJ6if
uxGIxjAslTqjk9gnd8hmkO+8X1OEWXYLmXYa+Q+kWG5Pwm5KYix3MfVp5lLUhB7r
JlEhuKWbuSIqA22kaBG+qymeWEN1q+Gi1mw+BM/VIx0h61Uc9WEhHQFV2TmtdYlj
iV0WVP+Od+r+7KV0IGTa5rxnaIbuGpWlbbC0Mw380NIfJbLwgT9LIJ/0BHukvgmq
h8KRuU9U901YWONN5Ltfs+GB0NDBBz0Aqm/MVq/dDghW+ZoSEXPyHtz9ChYHXlBL
e3f7R+9BNGXW5+Gmh9mLTYeOQ+RjluOI7fSvmZ+1shDP+p1u
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:07:00 2025 by rpki-client